Medium severity5.9NVD Advisory· Published Dec 23, 2022· Updated Jun 17, 2026
CVE-2022-40897
CVE-2022-40897
Description
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
setuptoolsPyPI | < 65.5.1 | 65.5.1 |
Affected products
168- Python Packaging Authority (PyPA)/setuptoolsdescription
- osv-coords167 versionspkg:apk/chainguard/py3.11-pytorch-cuda12pkg:apk/chainguard/pypy-bootstrappkg:apk/chainguard/pytorch-cuda-11.8pkg:apk/chainguard/pytorch-cuda12pkg:bitnami/setuptoolspkg:pypi/setuptoolspkg:rpm/almalinux/babelpkg:rpm/almalinux/platform-python-setuptoolspkg:rpm/almalinux/python2pkg:rpm/almalinux/python2-attrspkg:rpm/almalinux/python2-babelpkg:rpm/almalinux/python2-backportspkg:rpm/almalinux/python2-backports-ssl_match_hostnamepkg:rpm/almalinux/python2-bsonpkg:rpm/almalinux/python2-chardetpkg:rpm/almalinux/python2-coveragepkg:rpm/almalinux/python2-Cythonpkg:rpm/almalinux/python2-debugpkg:rpm/almalinux/python2-develpkg:rpm/almalinux/python2-dnspkg:rpm/almalinux/python2-docspkg:rpm/almalinux/python2-docs-infopkg:rpm/almalinux/python2-docutilspkg:rpm/almalinux/python2-funcsigspkg:rpm/almalinux/python2-idnapkg:rpm/almalinux/python2-ipaddresspkg:rpm/almalinux/python2-jinja2pkg:rpm/almalinux/python2-libspkg:rpm/almalinux/python2-lxmlpkg:rpm/almalinux/python2-markupsafepkg:rpm/almalinux/python2-mockpkg:rpm/almalinux/python2-nosepkg:rpm/almalinux/python2-numpypkg:rpm/almalinux/python2-numpy-docpkg:rpm/almalinux/python2-numpy-f2pypkg:rpm/almalinux/python2-pippkg:rpm/almalinux/python2-pip-wheelpkg:rpm/almalinux/python2-pluggypkg:rpm/almalinux/python2-psycopg2pkg:rpm/almalinux/python2-psycopg2-debugpkg:rpm/almalinux/python2-psycopg2-testspkg:rpm/almalinux/python2-pypkg:rpm/almalinux/python2-pygmentspkg:rpm/almalinux/python2-pymongopkg:rpm/almalinux/python2-pymongo-gridfspkg:rpm/almalinux/python2-PyMySQLpkg:rpm/almalinux/python2-pysockspkg:rpm/almalinux/python2-pytestpkg:rpm/almalinux/python2-pytest-mockpkg:rpm/almalinux/python2-pytzpkg:rpm/almalinux/python2-pyyamlpkg:rpm/almalinux/python2-requestspkg:rpm/almalinux/python2-rpm-macrospkg:rpm/almalinux/python2-scipypkg:rpm/almalinux/python2-setuptoolspkg:rpm/almalinux/python2-setuptools_scmpkg:rpm/almalinux/python2-setuptools-wheelpkg:rpm/almalinux/python2-sixpkg:rpm/almalinux/python2-sqlalchemypkg:rpm/almalinux/python2-testpkg:rpm/almalinux/python2-tkinterpkg:rpm/almalinux/python2-toolspkg:rpm/almalinux/python2-urllib3pkg:rpm/almalinux/python2-virtualenvpkg:rpm/almalinux/python2-wheelpkg:rpm/almalinux/python2-wheel-wheelpkg:rpm/almalinux/python39pkg:rpm/almalinux/python39-attrspkg:rpm/almalinux/python39-cffipkg:rpm/almalinux/python39-chardetpkg:rpm/almalinux/python39-cryptographypkg:rpm/almalinux/python39-Cythonpkg:rpm/almalinux/python39-debugpkg:rpm/almalinux/python39-develpkg:rpm/almalinux/python39-idlepkg:rpm/almalinux/python39-idnapkg:rpm/almalinux/python39-iniconfigpkg:rpm/almalinux/python39-libspkg:rpm/almalinux/python39-lxmlpkg:rpm/almalinux/python39-mod_wsgipkg:rpm/almalinux/python39-more-itertoolspkg:rpm/almalinux/python39-numpypkg:rpm/almalinux/python39-numpy-docpkg:rpm/almalinux/python39-numpy-f2pypkg:rpm/almalinux/python39-packagingpkg:rpm/almalinux/python39-pippkg:rpm/almalinux/python39-pip-wheelpkg:rpm/almalinux/python39-pluggypkg:rpm/almalinux/python39-plypkg:rpm/almalinux/python39-psutilpkg:rpm/almalinux/python39-psycopg2pkg:rpm/almalinux/python39-psycopg2-docpkg:rpm/almalinux/python39-psycopg2-testspkg:rpm/almalinux/python39-pypkg:rpm/almalinux/python39-pybind11pkg:rpm/almalinux/python39-pybind11-develpkg:rpm/almalinux/python39-pycparserpkg:rpm/almalinux/python39-PyMySQLpkg:rpm/almalinux/python39-pyparsingpkg:rpm/almalinux/python39-pysockspkg:rpm/almalinux/python39-pytestpkg:rpm/almalinux/python39-pyyamlpkg:rpm/almalinux/python39-requestspkg:rpm/almalinux/python39-rpm-macrospkg:rpm/almalinux/python39-scipypkg:rpm/almalinux/python39-setuptoolspkg:rpm/almalinux/python39-setuptools-wheelpkg:rpm/almalinux/python39-sixpkg:rpm/almalinux/python39-testpkg:rpm/almalinux/python39-tkinterpkg:rpm/almalinux/python39-tomlpkg:rpm/almalinux/python39-urllib3pkg:rpm/almalinux/python39-wcwidthpkg:rpm/almalinux/python39-wheelpkg:rpm/almalinux/python39-wheel-wheelpkg:rpm/almalinux/python3-setuptoolspkg:rpm/almalinux/python3-setuptools-wheelpkg:rpm/almalinux/python-nose-docspkg:rpm/almalinux/python-psycopg2-docpkg:rpm/almalinux/python-sqlalchemy-docpkg:rpm/opensuse/python310-setuptools&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python39-setuptools&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python3-setuptools&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python3-setuptools&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/python3-setuptools&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/python3-setuptools&distro=openSUSE%20Leap%20Micro%205.4pkg:rpm/opensuse/python3-setuptools-test&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python3-setuptools-test&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/python3-setuptools-wheel&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python3-setuptools-wheel&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/python-setuptools&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python-setuptools&distro=openSUSE%20Leap%20Micro%205.2pkg:rpm/opensuse/python-setuptools&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/python-setuptools-test&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/python-setuptools-wheel&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/python310-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP4pkg:rpm/suse/python36-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python36-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python39-setuptools&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/python3-setuptools&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/python3-setuptools&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/python3-setuptools&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/python3-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/python3-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/python3-setuptools-test&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/python3-setuptools-test&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/python3-setuptools-wheel&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/python3-setuptools-wheel&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/python-setuptools&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/python-setuptools&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-setuptools&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-setuptools&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-setuptools&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-setuptools-test&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/python-setuptools-test&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/python-setuptools-wheel&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/python-setuptools-wheel&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
< 2.3.1-r3+ 166 more
- (no CPE)range: < 2.3.1-r3
- (no CPE)range: < 7.3.18-r1
- (no CPE)range: < 2.3.1-r1
- (no CPE)range: < 2.3.1-r3
- (no CPE)range: < 65.5.1
- (no CPE)range: < 65.5.1
- (no CPE)range: < 2.5.1-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 39.2.0-6.el8_7.1
- (no CPE)range: < 2.7.18-17.module_el8.10.0+3783+2756348e.alma
- (no CPE)range: < 17.4.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.5.1-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.5.0.1-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.7.0-1.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.0.4-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 4.5.1-5.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 0.28.1-7.module_el8.6.0+3162+01a09e5a
- (no CPE)range: < 2.7.18-17.module_el8.10.0+3783+2756348e.alma
- (no CPE)range: < 2.7.18-17.module_el8.10.0+3783+2756348e.alma
- (no CPE)range: < 1.15.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.14-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.18-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.10-10.module_el8.10.0+3783+2756348e
- (no CPE)range: < 2.7.18-17.module_el8.10.0+3783+2756348e.alma
- (no CPE)range: < 4.2.3-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.23-19.module_el8.6.0+3162+01a09e5a
- (no CPE)range: < 2.0.0-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.3.7-31.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1:1.14.2-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1:1.14.2-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1:1.14.2-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 9.0.3-19.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 9.0.3-19.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.6.0-8.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-8.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 2.7.5-8.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 2.7.5-8.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 1.5.3-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.2.0-22.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.7.0-1.module_el8.6.0+3162+01a09e5a
- (no CPE)range: < 3.7.0-1.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.8.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.6.8-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.4.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.9.0-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2017.2-13.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 3.12-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.20.0-4.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 3-38.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.0-22.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 39.0.1-14.module_el8.10.0+3783+2756348e
- (no CPE)range: < 1.15.7-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 39.0.1-14.module_el8.10.0+3783+2756348e
- (no CPE)range: < 1.11.0-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.3.2-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.18-17.module_el8.10.0+3783+2756348e.alma
- (no CPE)range: < 2.7.18-17.module_el8.10.0+3783+2756348e.alma
- (no CPE)range: < 2.7.18-17.module_el8.10.0+3783+2756348e.alma
- (no CPE)range: < 1.24.2-4.module_el8.10.0+3783+2756348e
- (no CPE)range: < 15.1.0-22.module_el8.10.0+3783+2756348e
- (no CPE)range: < 1:0.31.1-3.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1:0.31.1-3.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 20.3.0-2.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1.14.3-2.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 3.0.4-19.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 3.3.1-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 0.29.21-5.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 2.10-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1.1.1-2.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 4.6.5-1.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 4.7.1-7.module_el8.9.0+3634+fb2a896c
- (no CPE)range: < 8.5.0-2.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1.19.4-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1.19.4-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1.19.4-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 20.4-4.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 20.2.4-9.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 20.2.4-9.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 0.13.1-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 3.11-10.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 5.8.0-4.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 2.8.6-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 2.8.6-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 2.8.6-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 1.10.0-1.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 2.7.1-1.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 2.7.1-1.module_el8.6.0+3248+c431e88c
- (no CPE)range: < 2.20-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 0.10.1-2.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 2.4.7-5.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1.7.1-4.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 6.0.2-2.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 5.4.1-1.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 2.25.0-3.module_el8.9.0+3634+fb2a896c
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 1.5.4-5.module_el8.9.0+3634+fb2a896c
- (no CPE)range: < 50.3.2-5.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 50.3.2-5.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 1.15.0-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 3.9.18-3.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 0.10.1-5.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1.25.10-5.module_el8.10.0+3765+2f9a457d
- (no CPE)range: < 0.2.5-3.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1:0.35.1-4.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 1:0.35.1-4.module_el8.6.0+2780+a40f65e1
- (no CPE)range: < 39.2.0-6.el8_7.1
- (no CPE)range: < 39.2.0-6.el8_7.1
- (no CPE)range: < 1.3.7-31.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-8.module_el8.9.0+3640+8d3927b5
- (no CPE)range: < 1.3.2-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 57.4.0-150400.4.3.1
- (no CPE)range: < 44.1.1-150300.7.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 40.5.0-150100.6.6.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 57.4.0-150400.4.3.1
- (no CPE)range: < 44.1.1-8.6.1
- (no CPE)range: < 44.1.1-8.6.1
- (no CPE)range: < 44.1.1-150300.7.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 44.1.1-150400.9.6.1
- (no CPE)range: < 36.5.0-3.3.1
- (no CPE)range: < 40.5.0-150100.6.6.1
- (no CPE)range: < 40.5.0-150100.6.6.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 40.6.2-4.21.1
- (no CPE)range: < 40.6.2-4.21.1
- (no CPE)range: < 40.5.0-150100.6.6.1
- (no CPE)range: < 40.6.2-4.21.1
- (no CPE)range: < 40.6.2-4.21.1
- (no CPE)range: < 40.6.2-4.21.1
- (no CPE)range: < 36.5.0-3.3.1
- (no CPE)range: < 40.1.0-3.3.1
- (no CPE)range: < 36.5.0-3.3.1
- (no CPE)range: < 40.1.0-3.3.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 40.5.0-150100.6.6.1
- (no CPE)range: < 44.1.1-150400.3.3.1
- (no CPE)range: < 40.5.0-150100.6.6.1
Patches
Vulnerability mechanics
References
23- github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964benvdPatchThird Party AdvisoryWEB
- pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/nvdExploitPatchTechnical DescriptionVendor Advisory
- github.com/advisories/GHSA-r9hx-vwmv-q579ghsaADVISORY
- github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.pynvdThird Party AdvisoryWEB
- github.com/pypa/setuptools/compare/v65.5.0...v65.5.1nvdRelease NotesThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-40897ghsaADVISORY
- pyup.io/vulnerabilities/CVE-2022-40897/52495/nvdThird Party Advisory
- github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2022-43012.yamlghsaWEB
- github.com/pypa/setuptools/issues/3659ghsaWEB
- lists.debian.org/debian-lts-announce/2024/09/msg00018.htmlnvdWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37RghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3HghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37RghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3HghsaWEB
- pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packagesghsaWEB
- pyup.io/vulnerabilities/CVE-2022-40897/52495ghsaWEB
- security.netapp.com/advisory/ntap-20230214-0001ghsaWEB
- security.netapp.com/advisory/ntap-20240621-0006ghsaWEB
- setuptools.pypa.io/en/latestghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ADES3NLOE5QJKBLGNZNI2RGVOSQXA37R/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YNA2BAH2ACBZ4TVJZKFLCR7L23BG5C3H/nvd
- security.netapp.com/advisory/ntap-20230214-0001/nvd
- security.netapp.com/advisory/ntap-20240621-0006/nvd
News mentions
0No linked articles in our index yet.